RPC: Authentication error; why = Client credential too weak
OS: RHEL 6.2 , 2.6.32-220.el6.i686
I created a service using RPC and is compiled using rpcgen and gcc. When I try to run the service I get the following Error : Cannot register service: RPC: Authentication error; why = Client credential too weak I restarted rpcbind with argument -i. Now able to register the RPC process. man page shows that -i meaning insecure mode. Do I need to rewrite the program to have secure registration? If so any example please. what causes insecure mode? |
RPC has various security options ranging from None (Unix) through DES to possibly stronger recent versions I've not investigated. I'm afraid I last did RPC programming before the US allowed the relevant libraries to be exported so I didn't use those security features but added my own.
|
... and you definitely want to run your RPC service with some level of cryptographic security and client-authentication. Even if you do not actually care if the data being passed is unintelligible (e.g. it's internal-only or passing through a VPN tunnel already), you do want other things like message-integrity and provenance. Take the time to really study these features closely.
An overly-trusting RPC service is a "Bobby Tables problem" at worst, but a source of unacceptable lack-of troubleshooting at best. |
All times are GMT -5. The time now is 05:51 PM. |